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Abstract 

In aWst aspect of the invention, different aspects of the packet header and 

4 data included in the packet are singled out for attention, rather that just the four byte IP 

5 destination address. This allows the M-trie Plus to perform functions that TRIES were 

6 unable to do. The currentNTRIE distinguishes only between the leaf and node type ele- 
ments and is used only for routing. The M-trie Plus extends this and includes different 
information in the nodes of the Vie which enables matching and branching on different 
header fields. The basic building bix)ck of all M-trie Plus nodes is an oppointer. The op- 

10 pointer includes an address and an opcode. In a preferred embodiment, the address in- 

11 eluded in an oppointer is the address forsthe next node. The opcode included in an op- 

12 pointer describes what action the router or switch has to do on the packet label to select 

13 the next oppointer leaf on the M-trie Plus data, structure. If an oppointer points to the 8 

14 bit termination leaf, the lookup is terminated. Migh speed packet header processing is 

15 achieved by the multiple pipelined threads of the M-trie Plus engine (MPE) and a wide 

16 memory bus. In a second aspect of the invention, tW^ ACL of a configuration file in a 

17 router or switch is compiled into an ACL - M-trie Plus data structure which is located in 

18 the memory of the router or switch. This has the effect Vf merging routing and ACL 

19 processing in a single device. The M-trie Plus data structure 200 is traversed with respect 

20 to information included in the packet header, thereby detern^ining whether a packet 

21 should be dropped or forwarded. ACL lists are defined in the configuration file of the 

22 router or switch. In a preferred embodiment, there are two forms of access list in the lOS: 
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1 the standard ACL and th^ extended ACL. Standard lists are used to control traffic based 

2 on one or more source IP addresses. The extended access list provides a finer granularity 

3 in controlling traffic. ACL\ definitions provide a set of criteria that are applied to each 

4 packet that is processed by the router or switch. The router or switch decides whether to 

5 forward or drop each packet based on whether or not the packet matches the access list 

6 criteria. Typical criteria defineld in ACLs are source addresses, destination addresses or 

7 upper-layer protocols of the packet. In a third aspect of the invention, the M-trie Plus 

8 structure 200 can map a multicas\ packet header by a sequence of nodes that match on 

9 destination address or source addr^s. Each physical port uses the M-trie Plus with the 
0110 first level nodes matching on the firW 8 bits of the destination address, the second level 
U]i 1 nodes matching on the second 8 bits ott" the destination address and so on, at each level the 
yf:i2 nodes correspond to multicast addresses. In a preferred embodiment, the opcode included 
pi3 in a node can specify other operations, such an instructions to compare bytes in the packet 
Di4 header with bytes in a CAM (contest addressable memory) or to direct certain types of 
~ 15 packets (for example, voice traffic) to a specified output interface. 
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